AWS Certified Advanced Networking – Specialty (ANS-C01) — Question 212
A company uses the us-east-1 Region and the ap-south-1 Region for its business units (BUs). The BUS are named BU-1 and BU-Z. For each BU, there are two VPCs in us-east-1 and one VPC in ap-south-1.
Because of workload isolation requirements, resources can communicate within the same BU but cannot communicate with resources in the other BU. The company plans to add more BUs and plans to expand into more Regions
Which solution will meet these requirements with the MOST operational efficiency?
Answer options
- A. Configure an AWS Cloud WAN network that operates in the required Regions. Attach all BU VPCs to the AWS Cloud WAN core network. Update the AWS Cloud WAN segment actions to configure new routes to deny traffic between the different BU segments.
- B. Configure a transit gateway in each Region. Configure peering between the transit gateways. Attach the BU VPCs to the transit gateway in the corresponding Region. Configure the transit gateway and VPC route tables to isolate traffic between BU VPCs.
- C. Configure an AWS Cloud WAN network that operates in the required Regions. Attach all BU VPCs to the AWS Cloud WAN core network. Update the core network policy by setting the isolate-attachments parameter for each segment.
- D. Configure an AWS Cloud WAN network that operates in the required Regions. Create AWS Cloud WAN segments for each BU Configure VPC attachments for each BU’s VPCs to the corresponding BU segment.
Correct answer: D
Explanation
Option D is correct because it allows for the creation of distinct segments for each BU, ensuring that their VPCs are isolated as required. Option A is incorrect as it relies on denying traffic through route updates rather than creating isolated segments. Option B involves transit gateways, which is a more complex solution that does not provide the same level of operational efficiency in this scenario. Option C does not create separate segments, thus failing to isolate traffic effectively between the BUs.